...
Hash Function
Joget is now more secured secure with advanced hashing implementation for passwords. Joget's password storage is now equipped with The hash function used is SHA-256 . The Salts have been used with hashing. The Hashing with added salt.
2-Way Encryption
The default algorithm being used is PBEWithMD5AndDES for 2-way encryption is PBEWithMD5AndDES. If stronger encryption is required, the encryption implementation can be replaced with a custom DataEncryption implementation in /WEB-INF/classes/customApplicationContext.xml e.g.
| Code Block | ||
|---|---|---|
| ||
<!-- Sample custom DataEncryption implementation -->
<bean id="dataEncryption" class="custom.CustomDataEncryptionImpl">
<property name="some_property" value="some_value"/>
</bean> |
| Warning |
|---|
| NOTE: If any encryption key or implementation changes are to be implemented, they must be done right at the beginning of any deployment as all previous encrypted strings would become unreadable. |